From owner-freebsd-ports@FreeBSD.ORG  Thu Oct  9 15:30:54 2014
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
Delivered-To: freebsd-ports@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 0CD66DAF
 for <freebsd-ports@freebsd.org>; Thu,  9 Oct 2014 15:30:54 +0000 (UTC)
Received: from sam.nabble.com (sam.nabble.com [216.139.236.26])
 (using TLSv1 with cipher AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id E3648EDD
 for <freebsd-ports@freebsd.org>; Thu,  9 Oct 2014 15:30:53 +0000 (UTC)
Received: from [192.168.236.26] (helo=sam.nabble.com)
 by sam.nabble.com with esmtp (Exim 4.72)
 (envelope-from <zaphod@berentweb.com>) id 1XcFfy-00011E-Cm
 for freebsd-ports@freebsd.org; Thu, 09 Oct 2014 08:30:46 -0700
Date: Thu, 9 Oct 2014 08:30:46 -0700 (PDT)
From: Beeblebrox <zaphod@berentweb.com>
To: freebsd-ports@freebsd.org
Message-ID: <1412868646385-5955619.post@n5.nabble.com>
Subject: security/gnupg: No ecdh/ecdsa capability
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports/>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Oct 2014 15:30:54 -0000

Hello. 
Is there a particular reason that security/gnupg on FreeBSD does not include
the ecdh/ecdsa algorithm?

$ gpg2 --version
gpg (GnuPG) 2.0.26
libgcrypt 1.6.1
......
Supported algorithms:
Pubkey: RSA, ELG, DSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

Whereas, it should be:  Pubkey: RSA, ELG, DSA, ECDH, ECDSA

I doubt this is an "export restriction" issue, when
a. Linux distros have this enabled on gnupg and
b. openssl has support for it
This is available in gnupg since 9/2010 (GnuPG 2.1.0  / libgcrypt 1.5.0)

* Is the reason that code has somehow not been merged
(https://code.google.com/p/gnupg-ecc/source/browse/#svn/branches/gpg2ecc)?
* I have not tried security/pgp - I could switch if that has ecdsa enabled?

Regards.



-----
FreeBSD-11-current_amd64_root-on-zfs_RadeonKMS
--
View this message in context: http://freebsd.1045724.n5.nabble.com/security-gnupg-No-ecdh-ecdsa-capability-tp5955619.html
Sent from the freebsd-ports mailing list archive at Nabble.com.